Google issues patches for two serious Chrome zero-day vulnerabilities

Cartoon Chrome logo

Google's Project Zero is very quick to point out security flaws in other company's products, but the search giant is far from being perfect itself. Two recently discovered zero-day vulnerabilities in Chrome have just been fixed with a new patch.

CVE-2020-16009 and CVE-2020-16010 are remote code-execution and heap-based buffer overflow flaws respectively and affect both the desktop and Android versions of Google's web browser.

See also:

Advertisement

The CVE-2020-16009 vulnerability relates to the V8 JavaScript component on the desktop, while the CVE-2020-16010 flaw affecting Android is a heap-based buffer overflow vulnerability. In order to secure their browsers, Windows users need to update to at least version 86.0.4240.183 of Chrome, while Android users need to have at least version 86.0.4240.185 of the browser installed.

News of the flaw was shared on Twitter by Ben Hawkes:

To ensure that you have a safe version of Chrome installed, you will need to update. On the desktop, head to the About screen and a check will be performed. On Android, you will need to launch Google Play and check for updates.

Image credit: Ilya Sergeevych / Shutterstock

© 1998-2020 BetaNews, Inc. All Rights Reserved. Privacy Policy - Cookie Policy.